Re: [PATCH resend] fs: ntfs3: Add check for mft_ni in mi_read()

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Al Viro <viro@zeniv.linux.org.uk>
To: Jia-Ju Bai <baijiaju1990@gmail.com>
Cc: almaz.alexandrovich@paragon-software.com,
	edward.lo@ambergroup.io, ntfs3@lists.linux.dev,
	linux-kernel@vger.kernel.org, TOTE Robot <oslab@tsinghua.edu.cn>
Subject: Re: [PATCH resend] fs: ntfs3: Add check for mft_ni in mi_read()
Date: Sat, 14 Jan 2023 02:13:56 +0000	[thread overview]
Message-ID: <Y8IP5JJW/wPy/Wb4@ZenIV> (raw)
In-Reply-To: <20230114015441.777119-1-baijiaju1990@gmail.com>

On Sat, Jan 14, 2023 at 09:54:41AM +0800, Jia-Ju Bai wrote:
> In a previous commit 2681631c2973, the parameter ni of
> attr_load_runs_vcn() can be NULL, and thus a NULL check is added.
> 
> However, in the same call stack, this variable is also dereferenced in
> mi_read():
> 
> mi_read()
>   ni_lock(mft_ni);
>     attr_load_runs_vcn(mft_ni)
>       if (ni) -> Add a check by previous commit (ni is mft_ni)
>   ni_unlock(mft_ni);
> 
> Thus, to avoid possible null-pointer dereferences, mft_ni should be
> also checked in mi_read().
> 
> These results are reported by a static tool designed by myself

No, it should not.  ni_lock(mft_ni) is called only if rw_lock
is not NULL.  The only assignment of non-NULL to that variable is
here:

        if (is_mounted(sbi)) {
                if (!is_mft) {
                        rw_lock = &mft_ni->file.run_lock;
                        down_read(rw_lock);
                }
        }

Note that it would have already oopsed had mft_ni been NULL.

The logics might or might not be wrong there, but could we please
stop obfuscating it by checks piled higher and deeper just in case?

Incidentally, I hope the pattern that triggered here is not

	f() checks for its argument being NULL, one of the callers of f() passes it a pointer
	therefore that pointer might be NULL

for obvious reasons...

     prev parent reply	other threads:[~2023-01-14  2:14 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-01-14  1:54 [PATCH resend] fs: ntfs3: Add check for mft_ni in mi_read() Jia-Ju Bai
2023-01-14  2:13 ` Al Viro [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y8IP5JJW/wPy/Wb4@ZenIV \
    --to=viro@zeniv.linux.org.uk \
    --cc=almaz.alexandrovich@paragon-software.com \
    --cc=baijiaju1990@gmail.com \
    --cc=edward.lo@ambergroup.io \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ntfs3@lists.linux.dev \
    --cc=oslab@tsinghua.edu.cn \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox